Reply

OpenVPN server config problems - compression and authorization on RBR40

bkeith4web
Aspirant

OpenVPN server config problems - compression and authorization on RBR40

The OpenVPN server on this model is still using SHA1 authorization and lz0 compression and those (along with other things like link MTU size) cannot be set anywhere.  SHA1 is long outdated and vulnerable and really needs to be replaced.  lz0 has been deprecated and is also a security vulnerabiliby.

I haven't seen any way (through web interface or telnet) to change any of these settings.  There is a vpn_compress_conf set to '694649456848239', whatever that means.

Has anyone found a way to alter any of these settings or heard anything about upcoming firmware that will address this?  I'm on the latest 2.5.1.16.

Message 1 of 3
Mstrbig
Master

Re: OpenVPN server config problems - compression and authorization on RBR40


@bkeith4web wrote:

The OpenVPN server on this model is still using SHA1 authorization and lz0 compression and those (along with other things like link MTU size) cannot be set anywhere.  SHA1 is long outdated and vulnerable and really needs to be replaced.  lz0 has been deprecated and is also a security vulnerabiliby.

I haven't seen any way (through web interface or telnet) to change any of these settings.  There is a vpn_compress_conf set to '694649456848239', whatever that means.

Has anyone found a way to alter any of these settings or heard anything about upcoming firmware that will address this?  I'm on the latest 2.5.1.16.


And you have followd these directions:

To enable the VPN service on your Orbi system using an Android or iOS device:

  1. Launch web browser from a mobile device that is connected to your router’s network.
  2. Enter orbilogin.com.
    A login window opens.
  3. Enter the router user name and password.
    The user name is admin. The default password is password. The user name and password are case-sensitive.
    The BASIC Home page displays.
  4. Select Advanced > Advanced Setup> VPN Service.
    The VPN page displays.
  5. Select the Enable VPN Service check box and click APPLY.
  6. Click the FOR SMART PHONE button to download the OpenVPN configuration files.
  7.  On your mobile device, download and install the OpenVPN Connect app from the Google Play store or Apple app store.
  8. On your computer, unzip the configuration files that you downloaded and send the files to your device.

    Note: When you open the .ovpn file, a list of apps displays. Select the OpenVPN Connect app to open the .ovpn file.

Orbi RBK53 System/RBR50/RBS50/RBS50. + Orbi Voice RBS40V
RBK753 system/RBR750/RBS750/RBS750 + RBK853 System/RBR850/RBS850/RBS850
SXK80 — Orbi Pro AX6000 WiFi 6 Tri-Band WiFi System
There's always a logical answer, if you have all the facts!
Message 2 of 3
bkeith4web
Aspirant

Re: OpenVPN server config problems - compression and authorization on RBR40

Thanks again for the reply @Mstrbig , my vpn works but the issues are (in particular) with the use by Netgear of SHA1 auth and lzo compression, both of which are deprecated and security risks.  I've been seeing posts covering 3 years plus by people asking Netgear to address this since it seems to be in firmware which is disappointing if true.

Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 502 views
  • 0 kudos
  • 2 in conversation
Announcements

Orbi WiFi 6E